Hacker News new | past | comments | ask | show | jobs | submit login

Of course they do that. How else would such a service possibly operate?



By offering two different models and letting you choose between them for each hostname under Cloudflare.

1) Injecting themselves on the application layer (the current model)

2) Injecting themselves on the network layer, passing through only encrypted traffic between the client and your servers

Not every feature they currently offer would still be possible in model #2, but most of them (including DDOS protection) can still work in a limited fashion.


Coming soon


That's very good news! The knowledge that a large part of my internet usage is MITM'ed by a single entity is continuously making me uncomfortable.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: